package com.dongdongshop.shiro;


import com.dongdongshop.pojo.TbAdmin;
import com.dongdongshop.pojo.TbUser;
import com.dongdongshop.service.LoginService;
import com.dongdongshop.service.UserService;
import org.apache.dubbo.config.annotation.DubboReference;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

public class LoginRealm extends AuthorizingRealm {

    @DubboReference
    private UserService userService;

    //授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {

       /* SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        //根据缓存中用户的id 去查询对用的权限
        List<String>list = menuService.getPermsByPId();

        info.addStringPermissions(list);*/
        return null;
    }

    //登录 认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {

        //向下转型,获取 token 封装回来的 username ,password
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;

        TbUser user = userService.getUserList(token.getUsername());
        //进行判断
        if (user == null ){
            return null;
        }
        // 第一个参数表示 登录的用户   第二个参数表示数据库的密码(密码在这里进行校验) 第三个参数表示登录成功的用户名
        return new SimpleAuthenticationInfo(user,user.getPassword(), ByteSource.Util.bytes(user.getSalt()),user.getUsername());
    }
}
